Facebook has been fined £500,000 for the Cambridge Analytica scandal. Indeed, the social media network will receive the maximum fine penalty for collecting the data of tens of millions of users.

The Information Commissioner’s Office (ICO) revealed that the social media network permitted a “serious breach” to take place. As a result, the UK’s data protection watchdog has issued it a £500,000 fine.

The investigation identified that between 2007-2014, Facebook gave app developers access to the personal data of its users. This took place without the informed consent of the individuals. The Cambridge Analytica scandal saw the illegal data collection of 87 million Facebook users. As a result, the information collected was used to assist Donald Trump’s presidential election campaign.

Because the data breach took place prior to the new GDPR regulation, the maximum fine permitted is only £500,000. But, had the scandal taken place under the new EU data protection law, the fine would have been £17 million.

The £500,000 fine remains only 0.04% of Facebook UK’s annual revenue.

Under the £17 million fine, it would have been 4% of global turnover.

Information Commissioner Elizabeth Denham commented:

“Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data. A company of its size and expertise should have known better and it should have done better.

“We considered these contraventions to be so serious we imposed the maximum penalty under the previous legislation.

“One of our main motivations for taking enforcement action is to drive meaningful change in how organisations handle people’s data.”

Facebook is currently “reviewing” the ICO’s verdict. It commented in a statement:

“While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015.”

At 10:09 GMT -4 today, shares in Facebook, Inc. (NASDAQ:FB) were trading at +2.31%.